<?php

include_once($_SERVER['DOCUMENT_ROOT'] . '/htqlmba/models/m_taikhoan.php');

if (isset($_POST['txtusername']) && isset($_POST['txtpassword'])) {
    $user = new taikhoan();
    $user->settendv(trim($_POST['txtusername']));
    $user->setmatkhau(md5(trim($_POST['txtpassword'])));
    if ($user->kiemTra() != 0) {
        while ($rows = mysql_fetch_array($user->getResult())) {
            $user->setquyen($rows['QUYEN']);
        }
        $ntendv= $_SESSION['ntendv']=$user->gettendv();
        $nmaquyen = $_SESSION['nmaquyen'] = $user->getquyen();
        if ($nmaquyen != NULL) {
            $sql = "SELECT B.TEN_DON_VI,B.MA_DON_VI,B.DIA_CHI_DV,B.LIEN_HE_DV,A.QUYEN
                    FROM tai_khoan AS A, don_vi AS B
                    WHERE A.MA_DON_VI=B.MA_DON_VI
                    AND TEN_TK='".$ntendv."'";
            $user->setQuery($sql);
            $rows = mysql_fetch_array($user->fetchAll());
            if($rows!=NULL){
                $nmadv=$_SESSION['nmadv']=$rows['MA_DON_VI'];
                $nten=$_SESSION['nten']=$rows['TEN_DON_VI'];
                $ndiachi=$_SESSION['ndiachidv']=$rows['DIA_CHI_DV'];
                $nlienhe=$_SESSION['nlienhe']=$rows['LIEN_HE_DV'];
                $quyen=$_SESSION['quyen_byK']=$rows['QUYEN'];
            }
        }
        if ($nmaquyen == '1')
            echo "<script language=javascript> window.location = 'index.php?content=khkt'; </script>";
        else if ($nmaquyen == '2')
            echo "<script language=javascript> window.location = 'index.php?content=view'; </script>";
        else if ($nmaquyen == '3')
            echo "<script language=javascript> window.location = 'index.php?content=input'; </script>";
        else
            echo "<script language=javascript> window.location = 'index.php'; </script>";
    }
    else {
        echo "<script language=javascript> alert('Ten dang nhap hoac mat khau vua nhap khong dung.');window.location = 'index.php'; </script>";
    }
} else
    include("views/v_login.php");
?>
